Lab 4-12 – Configuring Inter-VLAN Routing (Router-on-a-Stick)
In this lab you will learn how to configure Inter-VLAN routing, also known as router on a stick by configuring a Switch to trunk to a router with sub-interfaces in each VLAN.
Real World Application & Core Knowledge
The only way to get off a layer two network segment is through a layer three device; commonly referred to as a Default Gateway for host machines. So let’s say for example you have a single switch with 5 different VLAN’s and machines on each VLAN; in which case each VLAN would require its own router to get out of that layer two network to a different layer two network. So does this mean that multiple routers are required or a router with 5 physical ethernet interfaces, one interface in each VLAN?
The answer is easier then you’d initially think. In this case you only need a SINGLE router and that’s it. Think back to the previous lab discussing Dot1q trunk interfaces. 802.1q trunk interfaces carry all VLAN traffic.
A single Router can utilize an 802.1q trunk link to place a sub-interface in each VLAN using a single physical link and technically have interfaces in all VLAN’s.
A Sub-Interface is a logical interface partitioned off from a physical interface. A sub-interface allows you to have multiple interface configurations on a single physical interface. In this lab you’ll use sub-interfaces to match the VLAN’s in the trunk to allow for interfaces in each VLAN and accomplish inter-vlan routing for the hosts as the router has an interface in each layer three network.
In this lab you’ll familiarize yourself with the following new commands;
encapsulation dot1Q # – This command is executed from ethernet sub-interface configuration mode and binds the sub interface(s) to a particular 802.1q tagged vlan.
no ip routing – This command is executed from global configuration and disables the routers ability to be used as a router, effectively turning it into a test client machine like a windows box.
ip default-gateway 1.2.3.4 – This command is executed in global configuration mode to configure a non-routing device to use the specific IP Address as a default-gateway.
show ip interface brief – This command can be executed from user or privileged mode to view the current IP addresses of all interfaces on the device.
Lab Prerequisites
- If you are using GNS3 than load the Stub Area Networking GNS3 topology than start devices; R1, R2, R3 and SW1.
- Establish a console session with devices R1, R2, R3 and SW1 than configure the devices respected hostname(s).
- Create VLAN’s 20 and 30 on SW1 and configure interface Fa0/1 on SW1 as an 802.1q trunk link.
- On SW1 configure interface Fa0/2 to access VLAN20 and Fa0/3 to access VLAN 30.
- Configure the IP address 10.1.20.2/24 on R2′s FastEthernet0/0 interface.
- Configure the IP address 10.1.30.3/24 on R3′s Fastethernet0/0 interface.
Lab Objectives
- Configure a new Sub-Interface on R1 to match the VLAN 20 (Fa0/0.20) and configure the sub-interface to use 802.1q encapsulation and the Dot1q tag of 20. Configure the sub-interface to use the IP address 10.1.20.1/24.
- Configure a new Sub-Interface on R1 to match the VLAN 30 (Fa0/0.30) and configure the sub-interface to use 802.1q encapsulation and the Dot1q tag of 30. Configure the sub-interface to use the IP address 10.1.30.1/24. Verify your sub-interface configuration.
- Disable IP Routing on R2 and R3 and configure the default gateway on R2 and R3 to use R1′s respected Sub-interface as the default gateway.
- Verify that R2 can ping R3′s FastEthernet0/0 interface using R1 as the default-gateway.
Lab Instruction
Step 1. – Configure a new Sub-Interface on R1 to match the VLAN 20 (Fa0/0.20) and configure the sub-interface to use 802.1q encapsulation and the Dot1q tag of 20. Configure the sub-interface to use the IP address 10.1.20.1/24.
To create a new sub-interface you’ll use the interface fa0/0.# command in global configuration mode. To enable the sub-interface to use 802.1q you’ll use the encapsulation dot1q # command whereas # is the dot1q VLAN tag as shown below;
R1 con0 is now available Press RETURN to get started. R1>enable R1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R1(config)#interface fa0/0 R1(config-if)#no shut R1(config-if)#interface fa0/0.20 R1(config-subif)#encapsulation dot1q 20 R1(config-subif)#ip add 10.1.20.1 255.255.255.0 R1(config-subif)#exit R1(config)#
Step 2. – Configure a new Sub-Interface on R1 to match the VLAN 30 (Fa0/0.30) and configure the sub-interface to use 802.1q encapsulation and the Dot1q tag of 30. Configure the sub-interface to use the IP address 10.1.30.1/24. Verify your sub-interface configuration.
R1(config)#interface fa0/0.30 R1(config-subif)#encapsulation dot1q 30 R1(config-subif)#ip add 10.1.30.1 255.255.255.0 R1(config-subif)#end R1#sh run interface fa0/0.20 Building configuration... Current configuration : 96 bytes ! interface FastEthernet0/0.20 encapsulation dot1Q 20 ip address 10.1.20.1 255.255.255.0 end R1#sh run interface fa0/0.30 Building configuration... Current configuration : 96 bytes ! interface FastEthernet0/0.30 encapsulation dot1Q 30 ip address 10.1.30.1 255.255.255.0 end R1#show ip interface brief | inc FastEthernet0/0 Interface IP-Address OK? Method Status Protocol FastEthernet0/0 unassigned YES unset up up FastEthernet0/0.20 10.1.20.1 YES manual up up FastEthernet0/0.30 10.1.30.1 YES manual up up R1#
Step 3. – Disable IP Routing on R2 and R3 and configure the default gateway on R2 and R3 to use R1’s respected Sub-interface as the default gateway.
To disable IP Routing on R2 and R3 use the no ip routing command in global configuration. To specify a default gateway use the ip default-gateway x.x.x.x as shown below;
R2 con0 is now available Press RETURN to get started. R2>enable R2#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R2(config)#no ip routing R2(config)#ip default-gateway 10.1.20.1 R2(config)#end R2#
R3 con0 is now available Press RETURN to get started. R3>enable R3#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R3(config)#no ip routing R3(config)#ip default-gateway 10.1.30.1 R3(config)#end R3#
Step 4. – Verify that R2 can ping R3’s FastEthernet0/0 interface using R1 as the default-gateway as shown below;
R2#ping 10.1.30.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.30.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/23/52 ms
R2#
Isn’t it trunk on fa1/1 instead fa1/0
Sam
Yes you’re correct I’ve fixed this typo. Thanks for pointing it out.
-Free CCNA Workbook Author
Hi,
R2>ip default-gateway 10.1.30.1
R3>ip default-gateway 10.1.20.1
Two different Subnet , R1 > No IP routing ,then How did R2 pinged R3 via R1?
I used this command for 3 routersinterconnected by Serial Links(ip default-gateway- R1 default gateway for all) ,it didn’t work – I think it is due to Encapsulation dot1q which allows to router to do this.
Both of them are already connected to the Router1 physically,so no needs to define ip route ! but please let me know ip default-gateway commands on Router 2 works like as a default route?
Babak,
When you have a device that does not have routing enabled then the “default-gateway” command acts the same as a host machine would. Any traffic destined to a network not on its local subnet would be sent to the default gateway. In a nutshell it performs the same function as a default route for all traffic not on its devices local subnet.
-Free CCNA Workbook Author
pls i need ur help i want to connect 3 Router and 3 stwch and 2 pc 4 each
dis is Route ip 192.168.10.0 and 192.168.11.0
and 4 fa/0 172.16.10.0, 172.16.11.0, 172.16.12.0
pls help ur friend
okie look
at router one.
en
config t
hostname r1
line console 0
password ccna
login
exit
int se0/0/0
ip add 10.0.0.1 255.0.0.0
no shutdown
encapsulation ppp
clock rate 64000
exit
int fa0/0
ip add 192.168.10.1 255.255.255.0
no shutdown
AT ROUTER 2
en
config t
hostname r2
line console 0
pass ccna
login
exit
int se0/0/0
ip add 10.0.0.2 255.0.0.0
no shutdown
encapsulation ppp
clock rate 64000
exit
int fa0/0
ip add 192.168.11.0
no shutdown
int se0/0/1
ip add 11.0.0.1 255.0.0.0
no shutdown
simple is that just follow the concept and be connected with google
thanks
abdul mohe’d